April 25th, 2017 (Cincinnati, OH) RoundTower Technologies, LLC reported today that they have successfully passed the SOC 2 Type II examination pertaining to information management security principles, ensuring that their systems are protected against unauthorized access, use, or modification. Used by global companies such as Amazon Web Services and Google, SOC 2 is fast becoming the industry standard for documenting security infrastructures and services.
RoundTower completed the examination without exceptions, meaning that they were qualified the first time without requiring corrections. The significance for RoundTower customers is that they can have complete confidence that their company’s private information and critical data are strictly controlled and protected according to the highest established standards. Security is especially important to customers today because they are collecting increasing amounts of information and the potential for data theft has become an ever-present threat.
Obtaining the SOC 2 Type II certification demonstrates the commitment of RoundTower’s Managed Services Practice to the security and safeguarding of sensitive customer information Michael Swiencki Director of Managed Services
This most recent examination of RoundTower’s security controls is one step among several. In 2016, RoundTower met criteria for SOC 2 Type I, also without exceptions. Having now met the SOC 2 Type II criteria sets the bar even higher, exceeding standards for SAS70 or SSAE 16. RoundTower has already begun the next step by submitting to an ISO 27001 examination, beginning in March of this year, and expects to complete the criteria by October.
“Obtaining the SOC 2 Type II certification demonstrates the commitment of RoundTower’s Managed Services Practice to the security and safeguarding of sensitive customer information,” says Michael Swiencki, Director of Managed Services. “Our customers can rest assured that we are operating according to the highest trust principles of security compliance.”
Meeting SOC 2 Type II standards requires enormous preparation, often including extensive practice, readiness assessments, and internal mock examinations. Formally known as a Report on Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality, or Privacy, the SOC 2 Type II examination is administered by an independent CPA firm to assure that all findings are entirely objective. The firm then issues a series of reports that render an expert opinion as to the effectiveness of controls that address operations and compliance. Schellman & Company, LLC, one of the world’s leading attestation and compliance services, examined RoundTower for a period of eight months before verifying that they met or exceeded all standards.